CVE-2010-2577 Information

Description

Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow remote attackers to execute arbitrary SQL commands via the title parameter to (1) storyrss.php or (2) story.php.

Reference

http://secunia.com/advisories/40931 http://secunia.com/secunia_research/2010-111/ http://www.osvdb.org/67067 http://www.osvdb.org/67068 http://www.pligg.com/blog/991/pligg-cms-1-1-1-release/ http://www.securityfocus.com/bid/42408